Skip to content

Commit 0783abf

Browse files
RamLaviRamLavi
committed
components/kubemacpool: Add monitoring objects
Upstream kubemacpool added monitoring infrastructure [0][1][2]. - Adding the added objects, with configurable params that will be rendered on runtime by CNAO. - wrapping these objects by another param MonitoringAvailable that will be also rendered on realtime, so these objects will be deployed only then prometheus is installed on the cluster. [0] k8snetworkplumbingwg/kubemacpool#596 [1] k8snetworkplumbingwg/kubemacpool#587 [2] k8snetworkplumbingwg/kubemacpool#598 Assited-by: Claude Sonnet 4.6 <noreply@anthropic.com> Signed-off-by: Ram Lavi <ralavi@redhat.com>
1 parent bc0c0f0 commit 0783abf

File tree

2 files changed

+109
-0
lines changed

2 files changed

+109
-0
lines changed

data/kubemacpool/kubemacpool-monitoring.yaml

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
{{ if .MonitoringAvailable }}
2+
apiVersion: rbac.authorization.k8s.io/v1
3+
kind: Role
4+
metadata:
5+
name: kubemacpool-prometheus
6+
namespace: '{{ .Namespace }}'
7+
rules:
8+
- apiGroups:
9+
- ""
10+
resources:
11+
- services
12+
- endpoints
13+
- pods
14+
verbs:
15+
- get
16+
- list
17+
- watch
18+
---
19+
apiVersion: rbac.authorization.k8s.io/v1
20+
kind: RoleBinding
21+
metadata:
22+
name: kubemacpool-prometheus
23+
namespace: '{{ .Namespace }}'
24+
roleRef:
25+
apiGroup: rbac.authorization.k8s.io
26+
kind: Role
27+
name: kubemacpool-prometheus
28+
subjects:
29+
- kind: ServiceAccount
30+
name: '{{ .MonitoringServiceAccount }}'
31+
namespace: '{{ .MonitoringNamespace }}'
32+
---
33+
apiVersion: v1
34+
kind: Service
35+
metadata:
36+
labels:
37+
control-plane: mac-controller-manager
38+
prometheus.kubemacpool.io: "true"
39+
name: kubemacpool-metrics-service
40+
namespace: '{{ .Namespace }}'
41+
spec:
42+
ports:
43+
- name: metrics
44+
port: 8443
45+
protocol: TCP
46+
targetPort: 8443
47+
selector:
48+
control-plane: mac-controller-manager
49+
---
50+
apiVersion: monitoring.coreos.com/v1
51+
kind: PrometheusRule
52+
metadata:
53+
labels:
54+
openshift.io/prometheus-rule-evaluation-scope: leaf-prometheus
55+
prometheus.kubemacpool.io: "true"
56+
name: kubemacpool-prometheus-rule
57+
namespace: '{{ .Namespace }}'
58+
spec:
59+
groups:
60+
- name: alerts.rules
61+
rules:
62+
- alert: KubemacpoolMACCollisionDetected
63+
annotations:
64+
description: '{{ "{{" }} $value {{ "}}" }} MAC address(es) have collisions. Multiple running
65+
objects are using the same MAC address.'
66+
summary: MAC address collisions detected.
67+
expr: count(kmp_mac_collisions > 1) > 0
68+
for: 30s
69+
labels:
70+
operator_health_impact: warning
71+
severity: warning
72+
---
73+
apiVersion: monitoring.coreos.com/v1
74+
kind: ServiceMonitor
75+
metadata:
76+
labels:
77+
openshift.io/cluster-monitoring: "true"
78+
prometheus.kubemacpool.io: "true"
79+
name: kubemacpool-metrics-monitor
80+
namespace: '{{ .Namespace }}'
81+
spec:
82+
endpoints:
83+
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
84+
port: metrics
85+
scheme: https
86+
tlsConfig:
87+
insecureSkipVerify: true
88+
selector:
89+
matchLabels:
90+
control-plane: mac-controller-manager
91+
{{ end }}

hack/components/bump-kubemacpool.sh

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ echo 'Configure kustomize for CNAO templates and save the rendered manifest unde
2222
(
2323
cd ${KUBEMACPOOL_PATH}
2424
mkdir -p config/cnao
25+
mkdir -p config/cnao-monitoring
2526

2627
cat <<EOF > config/cnao/kustomization.yaml
2728
apiVersion: kustomize.config.k8s.io/v1beta1
@@ -65,6 +66,14 @@ patches:
6566
kind: Deployment
6667
EOF
6768

69+
cat <<EOF > config/cnao-monitoring/kustomization.yaml
70+
apiVersion: kustomize.config.k8s.io/v1beta1
71+
kind: Kustomization
72+
namespace: "{{ .Namespace }}"
73+
bases:
74+
- ../monitoring
75+
EOF
76+
6877
cat <<EOF > config/cnao/cnao_kubemacpool_manager_patch.yaml
6978
apiVersion: apps/v1
7079
kind: Deployment
@@ -177,6 +186,15 @@ rm kustomize.tar.gz
177186
./kustomize build config/cnao | sed "s/'{{ toYaml \(.*\)}}'/{{ toYaml \1}}/;s/'{{ .RunAsNonRoot }}'/{{ .RunAsNonRoot }}/g;s/'{{ .RunAsUser }}'/{{ .RunAsUser }}/g"
178187
) > data/kubemacpool/kubemacpool.yaml
179188

189+
(
190+
cd $KUBEMACPOOL_PATH
191+
echo '{{ if .MonitoringAvailable }}'
192+
./kustomize build config/cnao-monitoring | sed "s/'{{ toYaml \(.*\)}}'/{{ toYaml \1}}/;s/'{{ .RunAsNonRoot }}'/{{ .RunAsNonRoot }}/g;s/'{{ .RunAsUser }}'/{{ .RunAsUser }}/g" \
193+
| sed "s/ name: prometheus-k8s$/ name: '{{ .MonitoringServiceAccount }}'/;s/ namespace: monitoring$/ namespace: '{{ .MonitoringNamespace }}'/" \
194+
| sed 's/{{ \$value }}/{{ "{{" }} \$value {{ "}}" }}/g'
195+
echo '{{ end }}'
196+
) > data/kubemacpool/kubemacpool-monitoring.yaml
197+
180198
echo 'Get kubemacpool image name and update it under CNAO'
181199
KUBEMACPOOL_TAG=$(git-utils::get_component_tag ${KUBEMACPOOL_PATH})
182200
KUBEMACPOOL_IMAGE=quay.io/kubevirt/kubemacpool

0 commit comments

Comments
 (0)